Security Statement

With cBank onLine and as with traditional banking methods, security is a primary concern for Community Bank. Our online banking platform brings forth a combination of industry-standard security technologies to protect both customer and Bank data from exposure to unauthorized entities. This Level of Security is achieved in part by:

  • Protecting the privacy and the confidentiality of the communications between your browser and our servers.
  • Verifying that only authorized persons are allowed to access online banking.
  • Maintaining isolation of our computers from the Internet.

cBank onLine features a password-controlled system entry, Secure Sockets Layer (SSL) protocol for data encryption, and firewall technology to regulate the inflow and outflow of server traffic. The privacy of the communications between you (your browser) and our servers is ensured using encryption. Encryption scrambles messages exchanged between your browser and our online banking server. Our servers require your browser to connect at a minimum 256-bit encryption. Users will not be able to access online banking functions at lesser encryption levels. This may require some end users to upgrade their browser to the stronger encryption level in order to access online banking functions.

Security and User Identification

Online Security is achieved by credential verification. To begin an online session, a user must have a Log-in ID and a Password. Customers accept responsibility for the confidentiality and security of access credentials. For security purposes, Passwords must be changed during the initial log in to cBank onLine. Customers determine passwords based on Bank-defined conventions. Thereafter, users are encouraged to change their Passwords periodically, at their discretion, to enhance security. Customers play a crucial role in preventing others from logging on to their account. Customers should never use passwords that are easy to guess. Examples of bad passwords are: Birth dates, first names, pet names, addresses, phone numbers, social security numbers, etc. Customers should never reveal passwords to another person. cBank onLine requires computer registration through use of a Secure Access Code delivered to mobile devices or landlines; this assists the Bank in authenticating access. On an annual basis, customer computers must be registered with the use of a secure access code, which is delivered to a cell phone or landline.

Commercial customers are granted customized access based on application. The Bank will provide access credentials to an authorized Company Administrator. Company Administrators have full account access and are responsible for maintaining users, which includes adding, assigning entitlements and removal of users. Company Administrators are encouraged to require company users to periodically change their own passwords. In addition, we may provide, or we may ask Company Administrators or company users to provide additional Codes for security purposes. Customers agree that the security credentials assigned by the Bank constitute a reasonable security procedure, and the Bank can rely on, and act in accordance with, any inquiry, message or instruction transmitted electronically using the assigned security credentials, which will constitute conclusive evidence that such inquiry, message or instruction is correct and has been duly authorized by the company.

Lockouts – Our system also uses a lock-out protocol to deter unauthorized users from repeated login attempts. After certain unsuccessful login attempts, the system locks the user out, requiring a phone call to the Bank to verify the identity of the customer before re-entry into the system. Upon successful login using an approved Log-in ID and Password, the system then establishes a secured session with the visitor.

Online Banking Security

Customers are encouraged to take advantage of online banking tools we have that add another layer of protection for you, including:

Balance Alerts

  • Check Clear Alerts
  • Payment Alerts
  • Online Statements
  • Account History

Business Online Banking

  • Transaction & Balance Alerts
  • Transaction Authorization Alerts
  • New Recipient Alerts

Secure Data Transfer

Once a server session is established, the user and the server are in a secure environment. Because the server uses the industry standard 256-bit technology by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the Bank and the user is encrypted and can only be decrypted with a public and private key pair. The Bank’s server issues a public key to the end user’s browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is over, the keys expire and the whole process starts over when a new end user begins a server session.

Firewall Technology

Requests must filter through a firewall before they are permitted to reach our server. The configuration begins by disallowing ALL traffic, and then grants access when appropriate to process acceptable data requests.

Protecting Your Login ID and Password

You should not keep your Login ID and Password information on or near your computer. Keep both in a secure area away from your computer to prevent any unauthorized access to your accounts. Never share your Login ID or Password with anyone. For security reasons, we recommend that you change your Password regularly. Some browser software may store User Names and Passwords to make it easier when you revisit a website. Community Bank does not recommend using this feature to access sites containing sensitive information. You can disable this feature in your browser. Please note that, if you enable this feature, unauthorized users may be able to access your account without your knowledge. Do not leave your computer while you are logged onto cBank onLine, especially if others may have access to your computer. Before leaving your computer, be sure to click on the EXIT button to end your OnLine session.

Secure E-Mail

You understand you may send and receive secure Email messages to and from the Bank through cBank onLine. Messages to the Bank via cBank onLine will automatically be routed to a Bank Email box. The Bank is not responsible for any delay in messages being retrieved. Urgent messages should be verified by a telephone call to the Bank. You are responsible to periodically check for messages sent by the Bank. You cannot use secure Email to stop payments, transfer funds or perform bill payment.

Regular, non-encrypted Internet e-mail may not be secure and should not be used as a method to communicate sensitive information. If you are uncertain about the security of e-mail or the confidentiality of any message, you can contact us by phone at 1-800-788-9999, by mail at Community Bank, P.O. Box 513715, Los Angeles, CA 90051-3715, or by visiting your nearest banking center. See our BANK LOCATION page for information on our banking center locations.

Best Practices to Mitigate Phishing Scams:

An increasingly prevalent scam currently being employed by unscrupulous individuals is phishing. Phishing is a high-tech scam that uses spam or pop-up messages to attempt to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, and/or other sensitive information. Spoofing is pretending to be something it’s not, on the Internet, usually an e-mail or a Web site.

The sophistication of phishing and spoofing scams sent out to consumers continues to dramatically increase. While online banking is widely considered to be as safe as or safer than in-branch or ATM banking, as a general rule, you should be careful about giving out your personal financial information over the Internet. Remember, Community Bank will not request your personal information via e-mail.

Here is a list of recommendations to follow in order to avoid becoming a victim of scams:

Be suspicious of any e-mail with urgent requests for personal financial information. Phishers have been known to include upsetting or enticing (but false) statements in their e-mails to get people to react immediately. More recently, some Phishers have toned down their language, as e-mail recipients have become more aware of the use of this tactic. Either way, the e-mail typically asks for information such as user names, passwords, credit card numbers, Social Security numbers, etc.

Be careful of e-mails that are not personalized and/or may contain spelling errors and/or awkward syntax and phrasing. Many phishing e-mails are sent in great bulk and, therefore, are not personalized. If you are suspicious of an e-mail claiming to be from your institution that is not personalized, call your institution before responding. Many also are being sent from other countries from individuals for whom English is a foreign language, thus resulting in misspelled words and awkward syntax and phrasing.

Be Careful of personalized e-mails that ask for personal financial information. Be suspicious of any e-mail that contains some personal financial information, such as a bank account number and asks for other information, such as a PIN. Your bank will never ask for or send you personal financial information by e-mail unless it is encrypted or by some other secure method.

Do not use links in an e-mail to get to any Web page. Instead, call the bank on the telephone to confirm the address, or log onto the Web site directly by typing in the Web address in your browser.

Do not complete forms in e-mail messages that ask for personal financial information. Your financial institution would never ask you to complete such a form within an e-mail message. Only communicate information, such as credit card numbers or account information, via a secure Web site or the telephone. When submitting financial information to a Web site, look for the padlock or key icon at the bottom of your browser, and make sure the Internet address begins with “https.: A secure Web server designation can be found by checking the beginning of the Web address in your browser’s address bar – the address should begin with “https://…” rather than just “http://…” .

Regularly log on to your online accounts and check your bank, credit and debit card statements to ensure that all transactions are legitimate. One of the real advantages of banking online is being able to regularly review your account for unauthorized or unusual activity. If anything is suspicious, contact your bank and all card issuers immediately.

Ensure that your browser is up to date and security patches are applied. Always visit your browser’s home page to download the latest security updates even if they don’t alert you to do so.

Use online statements to reduce the volume of paper mailed. Paper today is the cause of more actual instances of identity fraud than are electronic thefts.

Disclaimer

Community Bank does not intend to offer investment advice nor act as a fiduciary by publishing any information contained on this site or at linked sites. Third party information made available on or through this website is provided “as is,” without warranty of any kind, either expressed or implied, including (without limitation) any warranty of accuracy, completeness or adequacy of the information, title, non-infringement of third-party rights, merchantability, or fitness for a particular purpose.

Except as otherwise required by law or set forth in our agreements with users, we assume no responsibility for any damages, expenses or losses, including without limitation, direct or indirect, special, incidental or consequential damages arising in connection with this website, use thereof or reliance on any information contained herein, even if we are aware of the possibility of such damages.

Protecting Children’s Privacy Online

From our websites, we do not knowingly collect or use personal information from children under 13 without obtaining verifiable consent from their parents. However, we are not responsible for data collection and use practices from nonaffiliated third parties to which our website may link.

For more information about the Children’s Online Privacy Protection Act (COPPA), please visit the FTC website at www.ftc.gov.

Changes to this Statement

We may add to, delete from, or otherwise change the terms of this Statement from time to time. We may notify you of the changes by mail, e-mail, or by posting a modified Statement on our website. Your continued use of this site or any OnLine service following such notification will constitute your acceptance of the revised Statement. Accordingly, please check this site regularly for revisions.

Questions

If you have any questions regarding this Statement, you can write to us at Community Bank, P.O. Box 513715, Los Angeles, CA 90051-3715 or comcent@cbank.com, or call us at 1-800-788-9999.